﻿using Microsoft.AspNetCore.Authorization;
using ResourceBasedAuthApp.Data;

namespace ResourceBasedAuthApp.Services
{
    public class DocumentAuthorizationHandler : AuthorizationHandler<SameAuthorRequirement, DocumentEntity>
    {
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, SameAuthorRequirement requirement, DocumentEntity resource)
        {
             
            var claim = context.User.Claims.FirstOrDefault(c => c.Type == "userName");
            if (claim!=null && claim.Value== resource.Editor)
            {
                context.Succeed(requirement);
            }
            return Task.CompletedTask;
        }
    }
}
